evm-utils renamed to ima-evm-utils.

Version set to 0.2. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Added RPM and TAR building rules
2025-07-03 22:23:16 +02:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00 · 2012-09-06 14:08:53 +03:00
6 changed files with 480 additions and 364 deletions
--- a/14
+++ b/14
@ -1,3 +1,17 @@
 2012-04-05  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 	version 0.2
 	* added RPM & TAR building makefile rules
 	* renamed evm-utils to ima-evm-utils
 	* added command options description
 	* updated error handling
 	* refactored redundant code
 2012-04-02  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 	version 0.1.0
 	* Fully functional version for lastest 3.x kernels
 2011-08-24  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 	version 0.1
--- a/Makefile.am
+++ b/Makefile.am
@ -4,3 +4,20 @@ SUBDIRS = src tests
 ACLOCAL_AMFLAGS = -I m4
 SRCS = $(HOME)/rpmbuild/SOURCES
 SPEC = $(PACKAGE_NAME).spec
 pkgname = $(PACKAGE_NAME)-$(PACKAGE_VERSION)
 tarname = $(pkgname).tar.gz
 $(tarname):
 	git tag -f v$(PACKAGE_VERSION)
 	git archive --format=tar --prefix=$(pkgname)/ v$(PACKAGE_VERSION) $(FILES) | gzip >$@;
 tar: $(tarname)
 rpm: $(tarname)
 	cp $(tarname) $(SRCS)/
 	rpmbuild -ba --nodeps $(SPEC)
 .PHONY: $(tarname)
--- a/12
+++ b/12
@ -1,8 +1,17 @@
 1. Generate private key
 # plain key
 openssl genrsa -out privkey_evm.pem 1024
 # encrypted key
 openssl genrsa -des3 -out privkey_evm.pem 1024
 # set password for the key
 openssl rsa -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem -des3
 or
 openssl pkcs8 -topk8 -in /etc/keys/privkey_evm.pem -out privkey_evm_enc.pem
 2. Generate public key
 openssl rsa -pubout -in privkey_evm.pem -out pubkey_evm.pem
@ -34,6 +43,9 @@ find /lib/modules ! -name "*.ko" -type f -uid 0 -exec evmctl sign --imahash '{}'
 # security.ima needs to have signature for modules
 find /lib/modules -name "*.ko" -type f -uid 0 -exec evmctl sign --imasig '{}' \;
 # generate signatures in .sig files
 find /lib/modules -name "*.ko" -type f -uid 0 -exec evmctl -n --sigfile ima_sign '{}' \;
 8. Label filesystem in fix mode...
 ima_fix_dir.sh <dir>
--- a/configure.ac
+++ b/configure.ac
@ -1,7 +1,7 @@
 # autoconf script
 AC_PREREQ([2.65])
-AC_INIT(evm-utils, 0.1, dmitry.kasatkin@intel.com)
+AC_INIT(ima-evm-utils, 0.2, dmitry.kasatkin@intel.com)
 AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])
@ -33,7 +33,7 @@ AC_CHECK_HEADERS(openssl/conf.h)
 #debug support - yes for a while
 PKG_ARG_ENABLE(debug, "yes", DEBUG, [Enable Debug support])
 if test $pkg_cv_enable_debug = yes; then
-	CFLAGS="-g -O1 -Wall -Wstrict-prototypes -pipe"
+	CFLAGS="$CFLAGS -g -O1 -Wall -Wstrict-prototypes -pipe"
 else
 	CFLAGS="$CFLAGS -Wall -Wstrict-prototypes -pipe -fomit-frame-pointer"
 fi
@ -47,7 +47,7 @@ fi
 AC_CONFIG_FILES([Makefile
 		src/Makefile
 		tests/Makefile
-		evm-utils.spec
+		ima-evm-utils.spec
 		])
 AC_OUTPUT
--- a/ima-evm-utils.spec.in
+++ b/ima-evm-utils.spec.in
@ -1,7 +1,7 @@
 Name:		@PACKAGE_NAME@
 Version:	@PACKAGE_VERSION@
 Release:	1%{?dist}
-Summary:	evm-utils - IMA/EVM support utilities
+Summary:	@PACKAGE_NAME@ - IMA/EVM control utility
 Group:		System/Libraries
 License:	LGPLv2
 #URL:		
@ -12,11 +12,10 @@ BuildRequires:    autoconf
 BuildRequires:    automake
 BuildRequires:    openssl-devel
 BuildRequires:    libattr-devel
 BuildRequires:    readline-devel
 BuildRequires:    keyutils-libs-devel
 %description
-This library provides EVM support utilities.
+This package provide IMA/EVM control utility
 %prep
 %setup -q
@ -48,6 +47,6 @@ exit 0
 %{_libdir}/*
 %changelog
-* Wed Jul 20 2011 Dmitry Kasatkin <dmitry.kasatkin@intel.com>
+* Thu Apr 05 2012 Dmitry Kasatkin <dmitry.kasatkin@intel.com>
- Initial package for MeeGo
+- Initial RPM spec file
--- a/src/evmctl.c
+++ b/src/evmctl.c
Author	SHA1	Message	Date
Dmitry Kasatkin	76f3496455	evm-utils renamed to ima-evm-utils. Version set to 0.2. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	dc36ed86d3	Added RPM and TAR building rules Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	de89119dbf	added command options description Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	04e3ff3ef5	removed unused parameter Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	5769fb1833	import functions combined Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	52960f8b93	updated error handling Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	e576ac9771	read list of existing extended attributes getxattr() might return runtime value which does not really exist on file system. It happens for SMACK LSM. Reading the list of existing attributes allows to prevent such to happen. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	d61b9c0be7	added HMAC API error handling Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	1e2934d9a3	version 0.1.0	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	c13fce4028	remove unused parameter Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	aa2f6e9b63	Changed time_t timestamp type to uint32_t time_t is actually long and is different on 32 and 64 bit architectures. Format of the signatures should not depend on the architecture and should be the same. Changed timestamp to uint32_t like in GPG. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:53 +03:00
Dmitry Kasatkin	ff071501d0	Added missing CFLAGS Added missing CFLAGS Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	f2b486e053	Added signature write to .sig file To enable module signature verification working on file systems without extended attributes, or to be able to copy modules by methods, which does not support extended attribute copying, it is necessary to store signature in the file. This patch provides command line parameter for storing signature in .sig file. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	e3f11d343a	Change set_xattr to xattr. set_xattr changed to xattr. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	7e89de565e	Changed to conform Linux kernel coding style Changed to conform Linux kernel coding style, except 80 characters line length limit. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	e91cb01e9a	added password parameter for using encrypted keys Added password parameter for using encrypted keys. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	b0966fd243	added openssl initialization and error reporting Added openssl initialization and error reporting. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00
Dmitry Kasatkin	0b197c4d30	minor fixes - error message - command info Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>	2012-09-06 14:08:52 +03:00